Alternative to manifest v3 chromium extension - javascript

Currently, I have developed an extension that handles a web page for 24 hours, basically an automation for a browser. But the problem I'm facing, is that the released manifest v3 doesn't allow it to work for more than 2 hours without stopping (currently, the "service work" of any manifest v3 extension works for only 5 minutes, but an open tab works for 2 hours until the entire browser crashes). I've already tried a manifest v2 extension, but the large structure of my code didn't pay off, I've already tried to create an automation using Python 3, but it didn't have much compatibility with slow computers, so in the end my client didn't like it and failed the project. Any solution? to "inject" javascript to automate a single web page for a long time, it can be per app or not, but I need ideas!

Related

Web JavaScript app unable to find resources

A developer set up for me an online JavaScript app that is hosted on an AWS EC2 instance. It has been operating fine until a few hours ago when suddenly navigating to the website produces a blank page.
I expose the source, and it appears that the HTML is trying to load a JavaScript app (see screenshot 1), and when I look at the Web Inspector console, it seems that certain resources are not being found (screenshot 2). Strangely enough, I can't find these paths myself (except for app.js.map)
I have very limited knowledge about how web servers are run or how JavaScript works, but I do have some familiarity with AWS, and I have full access to the EC2 instance.
Considering nothing was intentionally or manually changed, I am guessing there must be some service that has stopped working.
Any ideas on how to troubleshoot this further?
Well this was a rather painful journey: nginx was dead.

Detect 3rd party extension from client

This has been a bit hard to find, given Chrome has changed its API a lot so have found outdated suggestions. And what's not outdated is from the POV of writing an extension
Our js app is having trouble when some users have a specific chrome Extension installed. We want to warn users of potential issues if it sees that extension is present in the users browser.
This extension loads a single content-script and runs in the background. It doesn't have an open connection, exposure variables to the clients window or anything advanced.
Is there a way the client can ping or check for this script?
For instance, I tried using fetch of the chrome-extension:// manifest - same via a script tag loading the extensions main.js but those don't work, chrome complaining it can't load the asset (presumably a permissions issue)
Is it even possible?

Testing Chrome Extension APIs Locally

This is a pretty general question with a couple examples. I'm fairly new to writing chrome extensions and I seem to keep running into cases that are impossible to test without deploying to the webstore (which takes ~60m each time). This is an impossible workflow. Am I missing something?
Case 1 inline installation
Trying to set up inline installation from my site to a chrome extension. When I run the site locally i get the following.
Error downloading extension: Inline installs can only be initiated for Chrome Web Store items that have one or more verified sites.
But I cannot seem to add localhost website property in chrome's developer dashboard. What is the recommended way to do this in a dev environment. I tried using local.mywebsite.com and adding a local alias for localhost, but now chrome cannot find the verification file you are required to serve...
Case 2 Chrome Extension OAuth
Attempting to use chrome.identity.launchWebAuthFlow to setup user credentials in my extension for my website, but of course the callback url provided https://<ext-id>.chromium.org/provider-cb does not redirect to my local deploy of the extension.
Is there no way to test these things??
Regarding your error "Inline installs can only be initiated for Chrome Web Store items that have one or more verified sites.", you may follow the instructions given in this page.
You need to:
Go to the Webmaster Tools.
Add the site to your sites.
Obtain and embed a verification code into your site.
Complete verification in Webmaster Tools.
Go to your Developer Dashboard (must be under the same Google account) and edit your Web Store item.
Select your site in "Verify that this is an official item for a website you own:"
Here are some references which might help in testing extensions:
Testing browser extensions
How to test chrome extensions?

How does Javascript Malware work?

I'm facing a problem with my Chrome on both Ubuntu 15.04 and Windows 10. It's some sort of malware named xnxx-ads.js. This malware opens unwanted tabs and plays advertisement audio on all sorts of pages. For instance, I might have a SO tab open with a speaker icon! playing ad.
The thing that is important to me (as a web application developer) is that how this malware works!? How can some script be loaded on a web page without it being addressed in the source? Is it because of a security hole in Google Chrome?
BTW, my Chrome is: Version 46.0.2490.86 (64-bit) on both operating systems.
[UPDATE]
My Chrome was just updated to Version 47.0.2526.73 (64-bit) and the problem remains.
To get mal-ware inserted into pages, you generally need one of these things:
If it is only on a specific site, it is possible that that site has been compromised and the content comes from the site already infected.
Something in your ISP is compromised and the content comes from your ISP already infected.
Something in your own network (e.g. router) is compromised and the contents arrives on your PC already infected.
A malicious program got itself installed on your computer and it is injecting things into web pages as they arrive on your computer (either by modifying the incoming TCP or by messing with the browser).
A malicious browser extension got itself installed on your computer and it is injecting things into web pages as the browser loads them.
The most likely options are 4 and 5.
You can probably rule out 1, 2 and 3 by checking the site on your phone or tablet while attached to your home network's wifi. If there is no infection on the web pages viewed on the phone or tablet, then it is not likely 1 or 2 or 3.
If you disable all browser extensions in Chrome and the problem still occurs, then you can probably rule out #5. If the problem goes away when you disable all browser extensions, then you probably have a bad browser extension.
In all cases, you should run a good malware detector. When something like this happened to my daughter's computer, Microsoft Defender did not detect it, but when I downloaded and ran the free Malware-Bytes scanner, it did find the problem and removed it.

Can I embed a chrome extension app as part of my main AngularJS app?

I have been doing a lot of reading and studying to figure out.
I basically just want my main AngularJS application to run, but also include an embedded Chrome Extension app - in this case, have regularly scheduled alarms (using the chrome.alarm API).
I want all users of my AngularJS app to have automatic access to the Chrome extension app, embedded in the main clientside one with lots of other Angular features.
It seems like I have to manually enable my Chrome app in Developer mode on my browser and even drag my Chrome app specifically to a location in my Chrome browser. I don't understand how end users can just automatically use my Chrome app then.
I need to add here I have never really used jQuery, only AngularJS but AngularJS extensively. My AngularJS app is the frontend, the backend is provided by Rails.
Some advice would be really helpful. I hope I am not downvoted as it is strange how sometimes questions get downvoted and I am not sure why...I don't really know where else to go with this question.
EDIT:
Ok some code to demonstrate:
myangularapp.controller('myappcontroller', function($scope, $http) {
var delayvar = 5;
chrome.alarms.create("arandomalarm", {delay: delayvar});
};
This doesn't just work as part of my AngularJS, I tried creating a manifest.json file in the app/assets folder too. As well as a background.js file there and my-chrome-app.js file. "chrome.alarms" is undefined, but I haven't enabled Developer mode yet. But still, how are end users supposed to use it if just to make me use it I need to do so much specific browser configuration?
You should have a look at Content Scripts and then at Message Passing which explains you how to communicate between a web page and an Chrome extension.
its not possible to automatically install a chrome extension. the user must install it from the chrome store.
you may make it easier for them to install it by providing an inline installation from your webpage. its in the official documentation and you can see an example on this page with the "add to chrome" button:
http://plusfortrello.com (one of my chrome extensions which has inline installation inside that page).
that example button is further customized to display a message instead if the user is not on chrome desktop.
if your extension also has permission to your webpage then you can also detect from your webpage if the extension is already install it (to hide the button, send messages to it and such).

Categories

Resources